
3 Commits


@ -1,6 +1,5 @@
using Humanizer; using Humanizer;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Primitives;
using OliverBooth.Data.Blog; using OliverBooth.Data.Blog;
using OliverBooth.Services; using OliverBooth.Services;
@ -17,24 +16,19 @@ public sealed class BlogApiController : ControllerBase
_blogService = blogService; _blogService = blogService;
} }
[Route("count")] [HttpGet("count")]
public IActionResult Count() public IActionResult Count()
{ {
return new JsonResult(new { count = _blogService.AllPosts.Count }); if (!ValidateReferer()) return NotFound();
return Ok(new { count = _blogService.AllPosts.Count });
} }
[Route("all/{skip:int?}/{take:int?}")] [HttpGet("all/{skip:int?}/{take:int?}")]
public IActionResult GetAllBlogPosts(int skip = 0, int take = -1) public IActionResult GetAllBlogPosts(int skip = 0, int take = -1)
{ {
if (!ValidateReferer()) return NotFound();
if (take == -1) take = _blogService.AllPosts.Count; if (take == -1) take = _blogService.AllPosts.Count;
return Ok(_blogService.AllPosts.Skip(skip).Take(take).Select(post => new
var referer = Request.Headers["Referer"].ToString();
if (!referer.StartsWith(Url.PageLink("/Blog/Index")!))
{
return NotFound();
}
return new JsonResult(_blogService.AllPosts.Skip(skip).Take(take).Select(post => new
{ {
id = post.Id, id = post.Id,
commentsEnabled = post.EnableComments, commentsEnabled = post.EnableComments,
@ -58,15 +52,22 @@ public sealed class BlogApiController : ControllerBase
})); }));
} }
[Route("author/{id:int}")] [HttpGet("author/{id:int}")]
public IActionResult GetAuthor(int id) public IActionResult GetAuthor(int id)
{ {
if (!ValidateReferer()) return NotFound();
if (!_blogService.TryGetAuthor(id, out Author? author)) return NotFound(); if (!_blogService.TryGetAuthor(id, out Author? author)) return NotFound();
return new JsonResult(new return Ok(new
{ {
name = author.Name, name = author.Name,
avatarHash = author.AvatarHash, avatarHash = author.AvatarHash,
}); });
} }
private bool ValidateReferer()
{
var referer = Request.Headers["Referer"].ToString();
return referer.StartsWith(Url.PageLink("/Blog/Index")!);
}
} }
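Review bot: The new `ValidateReferer()` helper gates all three endpoints on the `Referer` request header, which is supplied by the client, so it should be documented as a soft hint rather than an access control. If these endpoints really need restricting, that needs an authenticated or server-side mechanism. Browsers and proxies that strip `Referer` (for example under a strict `Referrer-Policy`) will now get a 404 from `Count`, `GetAllBlogPosts` and `GetAuthor` on legitimate page loads. The helper also suppresses the nullable result of `Url.PageLink(...)` with `!`, so a null return would make `StartsWith` throw, and the comparison is culture-sensitive. I would write the body as `var expected = Url.PageLink("/Blog/Index");` followed by `return expected is not null && Request.Headers["Referer"].ToString().StartsWith(expected, StringComparison.Ordinal);`.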